package com.gz.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("/document")
public class DocumentController {

  @PreAuthorize("hasPermission(#id, 'document', 'read')")
  @GetMapping("/{id}")
  public String getDocument(@PathVariable("id") Long id) {
    // ...
    return "ok";
  }
}